NHS computer systems hacked!?

Django x2 said:
4G... Next?
Click to expand...
4g backup router? Or individual 4g enabled devices?

I can think of issues with both options.

In reality I'd be surprised if most trusts don't have fail over lines as well as the N3. But obviously that doesn't help if someone whangs a digger through the fibre.
 
neil_g said:
4g backup router? Or individual 4g enabled devices?

I can think of issues with both options.

In reality I'd be surprised if most trusts don't have fail over lines as well as the N3. But obviously that doesn't help if someone whangs a digger through the fibre.
Click to expand...

Either, both, any. They just need a connection, as they would from said device to a local instance of the DBs / servers if a switch went down. I'm not advocating that Cloud is the best solution, solely, but I am certainly a proponent of the fact that SLA of cloud providers trumps on-prem solutions and a system can always nearly be moved to a cloud offering even if it ends up being (S)PaaS.
 
Minstadave said:
I’m no IT expert and my opinion is irrelevant but shoving everything in the cloud is not always the best option.
Click to expand...

On-site with cloud replication is the way forward. We're looking into a new system that backs up all of your VMs to a cloud-based datacentre. Should you suffer a failure on-site, you simply power up the VM "in the cloud" and have staff access it that way instead. It's a brilliant system and seemingly used by some extremely big companies if their sales pitch is anything to go off.

Django x2 said:
Either, both, any. They just need a connection, as they would from said device to a local instance of the DBs / servers if a switch went down. I'm not advocating that Cloud is the best solution, solely, but I am certainly a proponent of the fact that SLA of cloud providers trumps on-prem solutions and a system can always nearly be moved to a cloud offering even if it ends up being (S)PaaS.
Click to expand...

I've seen far too many times where, unless the provider is massive like 365, outages have caused chaos for far too long of a period where we would have had our on-site systems restored long before they had. Hell, I've even seen 365 go down for an entire customer for an entire afternoon, they were crippled.
 
Liquidfox said:
On-site with cloud replication is the way forward. We're looking into a new system that backs up all of your VMs to a cloud-based datacentre. Should you suffer a failure on-site, you simply power up the VM "in the cloud" and have staff access it that way instead. It's a brilliant system and seemingly used by some extremely big companies if their sales pitch is anything to go off.
Click to expand...

to "a data centre"? that doesn't sound like anything particularly novel, surely backing things up to a remote data centre and being able to make use of the servers or VMs there instead has been pretty standard for years?
 
Liquidfox said:
On-site with cloud replication is the way forward. We're looking into a new system that backs up all of your VMs to a cloud-based datacentre. Should you suffer a failure on-site, you simply power up the VM "in the cloud" and have staff access it that way instead. It's a brilliant system and seemingly used by some extremely big companies if their sales pitch is anything to go off.



I've seen far too many times where, unless the provider is massive like 365, outages have caused chaos for far too long of a period where we would have had our on-site systems restored long before they had. Hell, I've even seen 365 go down for an entire customer for an entire afternoon, they were crippled.
Click to expand...

Interested to hear some more about this. Would you consider making a thread over in the Enterprise section?

Did you consider creating a second data-centre onsite perhaps in another building close buy? san replication etc etc
 
Liquidfox said:
I've seen far too many times where, unless the provider is massive like 365, outages have caused chaos for far too long of a period where we would have had our on-site systems restored long before they had. Hell, I've even seen 365 go down for an entire customer for an entire afternoon, they were crippled.
Click to expand...

Which is nothing more than poor cloud design. Treat the cloud like you would any normal datacenter and span it out across regions, there is never a need for the above to occur. If MS were to lose two regions, there would be far greater things to worry about than taking patient obs :D
 
dowie said:
to "a data centre"? that doesn't sound like anything particularly novel, surely backing things up to a remote data centre and being able to make use of the servers or VMs there instead has been pretty standard for years?
Click to expand...

Yes, but the minute you power them on your costs usually jump massively. It seems with this subscription model you get a 30-day window to restore your side before this happens.

TheOracle said:
Interested to hear some more about this. Would you consider making a thread over in the Enterprise section?

Did you consider creating a second data-centre onsite perhaps in another building close buy? san replication etc etc
Click to expand...

This is more aimed at the SME sector, many of which don't have a data centre to begin with. Just a single or two host configuration. If I find the time I'll do a write-up, in the mean time you can have a look for yourself at DATTO. It's also brilliant for backing up 365 data (Exchange, Sharepoint, Azure etc).

If customers were backing up to our data-centre, we already have a secondary one running alongside so we don't necessarily have a need for this. We're obviously more expensive as we don't have quite the infrastructure that Datto do, we have the benefit of being on our customers door steps though which a lot of people prefer.

Django x2 said:
Which is nothing more than poor cloud design. Treat the cloud like you would any normal datacenter and span it out across regions, there is never a need for the above to occur. If MS were to lose two regions, there would be far greater things to worry about than taking patient obs :D
Click to expand...

Microsoft also don't back up your data either, if there was some corruption at there end how do you go about getting your data back? We don't trust it which is why we recommend backing up 365 data to a local source.
 
Liquidfox said:
Microsoft also don't back up your data either, if there was some corruption at there end how do you go about getting your data back? We don't trust it which is why we recommend backing up 365 data to a local source.
Click to expand...

Partly true. Azure backups are enabled by default, as are 365 retention policies and archiving. That and the fact data (depending on selection) is held in more than one region, and replicated across others, means backups and restores are not that painful. It feels like either you've misread, misunderstood, or been mis-advised, on how Azure/365/AWS works.
 
Yeah, this wont be happening as soon as they are making out. I work for a medical IT company where our application sits on NHS trusts infrastructure. Our application is not supported on windows 10 using lower versions of our product - which most of the NHS hospitals have. Upgrading comes at a price, this is the same with a lot of medical applications.

I will be shocked if all hospitals are on win 10 anytime soon , this budget will not include stuff like this.
 
Xire said:
Yeah, this wont be happening as soon as they are making out. I work for a medical IT company where our application sits on NHS trusts infrastructure. Our application is not supported on windows 10 using lower versions of our product - which most of the NHS hospitals have. Upgrading comes at a price, this is the same with a lot of medical applications.

I will be shocked if all hospitals are on win 10 anytime soon , this budget will not include stuff like this.
Click to expand...

There's a lot of systems out there still running XP based OS's.
 
Lot of EPOS and other systems like that still use embedded XP and/or variants of CE that look like XP.

We just moved a load of systems like that which were on XP over to Linux as trying to use Windows 10 on them was just tragic - wholly unsuitable OS for that kind of usage but we needed something more modern for security reasons.
 
Rroff said:
Lot of EPOS and other systems like that still use embedded XP and/or variants of CE that look like XP.

We just moved a load of systems like that which were on XP over to Linux as trying to use Windows 10 on them was just tragic - wholly unsuitable OS for that kind of usage but we needed something more modern for security reasons.
Click to expand...

Did the same thing last summer. Changed 900 XP terminals to linux. Went like a bloody dream.
 
*REBOOT Russians this time not NK *

latest cozy/fancybears hack, sleeper malware. what have they stolen , will we know if the new UK cyber crime org retaliates ?
Solarwindcompany took down there list of clients, so don't know if tech companies apple/intel/amd were impacted, MS was

Research by The Register has shown that SolarWinds' Orion is used widely across the British public sector, ranging from the Home Office and Ministry of Defence through NHS hospitals and trusts, right down to local city councils.

SolarWinds' products are in regular use in the Royal Navy and Royal Air Force, with the agency also counting GCHQ, the Cabinet Office, and the Ministry of Justice among its customers. Most concerningly, a company brochure [PDF] also stated that the MoD's Defence Equipment and Support agency was a SolarWinds customer. DE&S is the agency that maintains Britain's high-tech fighter jets, submarines, and warships.
Click to expand...

https://www.theregister.com/2020/12/16/solarwinds_github_password/
SolarWinds, the maker of the Orion network management software that was subverted to distribute backdoored updates that led to the compromise of multiple US government bodies, was apparently told last year that credentials for its software update server had been exposed in a public GitHub repo.

Vinoth Kumar, a security researcher, claimed on Tuesday he had made such a report to SolarWinds last November, warning that it could be used to upload files to the server. The password he said he found, in plaintext for all to see, is a textbook example of a weak password that never should have been allowed.

In a message to The Register, Kumar said that on November 19, 2019, he told SolarWinds "their update server was accessible with the password 'solarwinds123' which is leaking in the public Github repo. They fixed the issue and replied to me on [November 22]."
Click to expand...

https://msrc-blog.microsoft.com/2020/12/13/customer-guidance-on-recent-nation-state-cyber-attacks/
The actor periodically connects from a server at a VPS provider to access specific users’ emails using the permissions granted to the impersonated Application or Service Principal. In many cases, the targeted users are key IT and security personnel. By impersonating existing applications that use permissions like Mail.Read to call the same APIs leveraged by the actor, the access is hidden amongst normal traffic. For this reason, if you suspect you are impacted you should assume your communications are accessible to the actor.
Click to expand...
 
You have to wonder if many orgs have gotten away with it simply because the amount of hits for the hackers has been overwhelming. They can't have enough time or resources to investigate that many compromises at once so if it's state-sponsored are likely to have focused on the highest intelligence value targets such as government, defence, high value IP and perhaps medical research IMO.

On a side note I am facepalming at the way some people have built their firewall policies at the moment, Jesus H.Christ. Lazy admins have won the day here - I know a few people who hadn't updated their installations in years.
 
You must log in or register to reply here.
Back
Top Bottom